woostack-dream
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local utility scripts (
doctor.sh,graph.sh,build-index.sh) located within the../woostack-init/scripts/directory. It also uses standardgitcommands (git ls-files,git log) to identify files and retrieve history for context. - [DATA_EXPOSURE]: The tool reads repository content, including internal memory notes (
.woostack/memory/), documentation files, and git logs to analyze project knowledge. All operations are restricted to the local working directory. - [PROMPT_INJECTION]: The skill accepts an optional
instructionsargument and processes repository content (notes and docs) which could theoretically contain instructions designed to influence the agent's behavior. This risk is mitigated by a 'Hard Review Gate' in Phase 3, which requires explicit, unambiguous user approval of a full changeset before any modifications are applied. - [SAFE]: The skill adheres to 'local-only' principles, ensuring memory changes are never automatically committed or merged, and documentation edits are left in the working tree for manual review.
Audit Metadata